Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New Resource: vault_ldap_auth_backend #126

Merged

Conversation

angrylogic
Copy link
Contributor

This also includes vault_ldap_auth_backend_user and
vault_ldap_auth_backend_group. If you prefer I can split these out
into separate PRs however it seemed to make sense to include them all at
once since they are not useful without their counterparts.

@icereed
Copy link

icereed commented Jun 4, 2018

Awesome! Hope it will get merged soon.

@kmcquade
Copy link

kmcquade commented Jul 9, 2018

@catsby - any chance we can have someone look at this PR && other PRs on this repo? Lots of pending PRs and no new releases since early April. My client is eager to have their Vault Enterprise configuration reflected in code, and it's more user friendly to manage this with the Vault provider than via bash scripts.

@paddycarver @bflad sorry to spam, but hoping we can get someone to look at this.

@kmcquade
Copy link

kmcquade commented Sep 7, 2018

@angrylogic - after pushing this and testing, have you encountered any issues with the LDAP backend? I'm going to test it soon, as I'm a frustrated with the lack of attention to this PR, but I figured I would ask you if I should expect any issues before testing it out myself. Let me know at your earliest convenience. Thanks for your work!!

@tyrannosaurus-becks tyrannosaurus-becks self-assigned this Sep 17, 2018
Copy link
Contributor

@tyrannosaurus-becks tyrannosaurus-becks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for contributing this, it's looking good! Just a couple minor things and I'll get this merged on in.

Exists: ldapAuthBackendExists,

Schema: map[string]*schema.Schema{
"url": &schema.Schema{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would be nice to get all &schema.Schema declarations like this stripped out.

_, err := client.Logical().Write(path, data)

if err != nil {
d.SetId("")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this also need to be called above elsewhere to set it to a non-empty-string value?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if this is the "correct" way of handling this. The idea here is that the ID gets set initially inside the Create function (ldapAuthBackendWrite). This is the Update function (ldapAuthBackendUpdate) where the ID should already have been set.

This code basically says "if we failed to update this resource inside Terraform, we should remove it from the state entirely because its probably not there any longer".

There were some other resources with this behaviour at the same time which I copied, but I'm not sure its the correct way to handle an error here.

case json.Number:
apiData, err := resp.Data[apiAttr].(json.Number).Int64()
if err != nil {
return fmt.Errorf("Expected API field %s to be an int, was %q", apiAttr, resp.Data[apiAttr])
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would be nice to have all errs be lowercase.

func arrayToTerraformList(values []string) string {
output := make([]string, len(values))
for idx, value := range values {
output[idx] = fmt.Sprintf(`"%s"`, value)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this step needed? I'm wondering if it would be possible to just do this:

return fmt.Sprintf("[%s]", strings.Join(values, ", "))

And literally delete everything else inside this function.

Copy link
Contributor Author

@angrylogic angrylogic Sep 18, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this is a much better way to do this. My go was rusty at the time I wrote these :-)

EDIT: Actually - the problem here is we need to quote these values to make them an array of strings for Terraform which is what the intermediate step is doing.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh yes, that makes sense! I didn't catch the interior quotes when looking the first time.

angrylogic and others added 2 commits September 18, 2018 10:58
This also includes `vault_ldap_auth_backend_user` and
`vault_ldap_auth_backend_group`.  If you prefer I can split these out
into separate PRs however it seemed to make sense to include them all at
once since they are not useful without their counterparts.
* lowercase errors
* remove unneeded &schema.Schema declarations
@ghost ghost added the size/XXL label Sep 18, 2018
Copy link
Contributor

@tyrannosaurus-becks tyrannosaurus-becks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! We appreciate your contribution.

@tyrannosaurus-becks tyrannosaurus-becks merged commit c34dfd0 into hashicorp:master Sep 18, 2018
dandandy pushed a commit to dandandy/terraform-provider-vault that referenced this pull request Jun 17, 2021
…ackend

New Resource: vault_ldap_auth_backend
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants